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Listing of Claims: 

1 . (Currently Amended) A method for providing secure communications over a network in a 
distributed workload environment having target hosts which are accessed through a distribution 
processor by a common network address, the method comprising the steps of: 

routing both inbound and outbound communications with target hosts which are 
associated with- n f^ ecur e n e twork oommunicatio n an end-to-end secure networ k communication 
through the distribution processor; 

processing both inbound and outbound end-to -cnd_securc network communications at the 
distribution processor so as to provide endpoint n etwork security processing of communications 
from the target host and endpoint n etwork security processing of communications to the target 
host; 

receiving at tlie dishnbution processor, network communications directed to the common 
networ k address: an d address: 

encapsulating conmiunications between the distribution processor an d selected ones of 

the plurality of target hosts which are associated with end-to-end secure network 
communications: and 

distributing the received network communicatiotts that are directed to the conmion 
network address among selected ones of the target hosts, wherein the selection among the target 
hosts is carried out so as to distribute workload associated with the network communications 
among the target hosts. 

2. (Canceled). 

3. (Currently Amended) A method according to Claim 2 Claim 1. further comprising the steps 
of: 

determining if the received network communications are end-to-end s ecure network 
communications which are to be distributed to ones of the target hosts; 
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wherei n th e st e p ofproccosing both inbound and outbound Gocuro network 
r'f>TnTn" r' ^"^^Ti > i nf fhn Hintrihntinn prnce! ; RQr comprinea th e step o f encapsulating 
communications between the distributioTi processor and selected ones of the plurality of target 
hosts which are associated with end-to-end secure network comniunications comprises 
processing the received network communications so as to provide encapsulated g eneric 
communications to the ones of the plurality of target hosts if the received network 
communications are end-to-end secure network communications which are distributed to ones of 
the target hosts and to not provide encapsulated generic communications to the ones of the 
plurality of targe t hosts if the received network communications are not end-to-end secure 
network communications . 

4. (Currently Amended) A method according to Claim 3, wherei n th e step of processing both 
inbound and outbound end-to-end secure network communications further comprises the steps 
of: 

receiving at the distribution processor communications from the ones of the target hosts 
which are associated with end-to-end secure network communications; and 

processing the received communications from the ones of the target hosts so as to provide 
endpoint n etwork security for the communications from the ones of the target hosts. 

5. (Currently Amended) A method according to Gloim 4 Claim 1, wherein encapsulating 
communications between the distribution processor and selected ones of the plurality of target 
hosts which are associated with md-to-end secure network communications comprises 
encapsulating the communications fe e-co mmunications r e c e iv e d from th e target hosts and th e 
g e n e ric communications to ones of tho pluralit)^ of targ e t hooto or e eHoap s ulated i n a generic 
routing format. 

6. (Currently Amended) A method according to Claim - 4 Cla im 5, wherein the generic 
communications are encapsulated in a generic routing format having sufficient information in a 
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header of the generic routing fonnat so as to authenticate the source of the communication 
between the distribution processor and ones of the plurality of target hosts- 

7. (Currently Amended) A method according to ^Qim 4 Claim L wherein the communications 
received from the target hosts at the distribution processor and the g e neri c encapsulated 
communications to ones of the plxirality of target hosts from the distribution processor are 
communicated over trusted communication links. 

8. (Currently amended) A method according to Claim 1 Claim 5 , further comprisin g the step of 
establishing common IP filters for communications oncapQulatod in a fionorio routing format at 
the distribution processor and the plurality or target hosts. 

9. (Origuial) A method according to Claim 8, wherein the common IP filters bypass IP filtering 
for inbound communi cations encapsulated in the generic routing format. 

10^19. (Canceled). 

20. (Currently Amended) A system for providing secure communications over a network in a 
distributed workload environment having target hosts associated with a common IP address and 
which are accessed through a distribution processor by a common network address, comprising: 

means for routing both inboimd and outbound communications with target hosts which 
arc associated wit h a Goouro notwork - cemmunicatio n an end-to-end secure network 
communication through the distribution processor; 

means for processing both inbound and outbound end-to-end secure network 
communications at the distribution processor so as to provid e endpoint network security 
processing of communications icom the target host and endpoint network security processing of 
communications to the target host; 

means for receiving at the distribution processor, network communications directed to the 
coiTimon network addr e s i s: an d address: 
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mfiansi far gncapsulatine cQmmimications between the distribution processor and selected 

ones of the plurality of target hosts which arc associated with end-to-end secure netwoik 
communicattons: and 

means for distributing the received network communications that are directed common 
network address among selected ones of the target hosts, wherein the selection among the target 
hosts is carried out so as to distribute workload associated with the network communications 
among the target hosts. 

21. (Canceled). 

22. (Currently Amended) A system according to Cloim 21 Claim 20 , further comprising: 

means for determining if the received network communications ar e end-to-cnd secure 
network communications which are to be distributed to ones of the target hosts; 

wherein the means for proc essi ng both inbound and outbound oooutQ not^^ork 
communicationis at th e distribution proo e ppo r means for encapsulating communications between 
the distribution processor and selected ones of the nluralitv of target hosts which are associated 
with end-to-end secure network communications comprise means for processing the received 
network communications so as to provide encapsulated generic commxmications to the ones of 
the plurality of target hosts if the received network communications are secure network 
communications which are distributed to ones of the target hosts and means to not provide 
encapsulated peneric communications to the ones of die nluralitv of target h osts if the received 
network c nmrnuni cations ai*e not end-to-end secure network communications . 

23. (Currentiy Amended) A system according to Claim 22, wherein th e otop of proo e ooing 
means for processing both inbound and outbound end-to-end secure network conunxmications 
fiirther comprises: 

means for receiving at the distribution processor communications from the ones of the 
target hosts which are associated wit fa_end-to-end secure network comimunications; and 
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means for processing the received communications jfrom the ones of the target hosts so as 
to provid e endpoint network security for the communications from Ihe ones of the target hosts. 

24. (Currently Amended) A system according tQ-Claim-23 ^ Claim 20, wherein the 
communioationg r e c e iv e d fe o m th e torgot hoGtfl and tho generic commiAnioations to onc5 of th e 
plnrnlity nf tnrget hnf.tr s aro onoQpriulat e d means for encapsulating conmiunic a tions between the 
distribution processor and selected ones of the plurality of target hosts which are associated with 
cnd'tO'Cnd secui^e network communications comprises means to e nc apsulate the communications 
in a generic routing format 

25. (Currently Amended) A system according to Claim 23 Claim 24, wherein goieric 
communications are encapsulated in a generic rouling format liaving sufficient information in a 
header of the generic routing format so as to authenticate the source of the communication 
between the distributing processor and ones of the plurality of target hosts. 

26. (Currently Amended) A system according to Claim 23 Claim 20 . wherein the 
communications received from the target hosts and the^g^^ ^ encapsulated communications to 
ones of the plurality of target hosts are communicated ovc^ trusted communication links. 

27. (Currently Amended) A system according t o Claim 23 Claim 24 . further comprising means 
for establishing common IP filters for communication s -e acapauloted In tlic generic routing 
format at the distributing processor and the plurality of target hosts. 

28. (Original) A system according to Claim 27, wherein the conamon 

IP filters bypass IP filtering for inbound communications encapsulated in the generic routing 
format. 

29. -38. (Canceled). 
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39. (Currently Amended) A computer program product for providing secure communications 
over a network in a distributed workload caivironment having target hosts associated with a 
common IF address and which are accessed through a distribution processor by a common 
network address, comprising: 

a computer readable medium having computer readable program code embodied therein, 
the computer readable program code comprising: 

computer readable program code which routes both inbound and outbound 
communications with target hosts which are associated wit h a aecur e n e t>>\^ork communication j n 
end-to-end secure network communication through the distribution processor; 

computer readable program code which processes both inbound and outbound cnd-to«end 
secure network communications at the distribution processor so as lo provid e endnoinl network 
security processing of communications from the taiget host and network security processing of 
communications to the target host; 

computer readable program code which receives at the distribution processor, network 
communications directed to the common networ k address: an d address: 

comnuter readable -program code which encapsulates communications between the 
distribution processor and selected ones of the plurality of target hosts wh ich arc associate d with 
cnd-to-cnd secure network communications; and 

computer readable program code which distributes the received network communications 
that are directed to the common network address among to seltJcLed ones of the LargcL hosts, 
wherein the selection among the target hosts is carried out so as to distribute workload associated 
with the network communications among the target hosts. 

40. (Canceled), 

41 . (Currently Amended) A computer program product according t o Claim 4 0 Claim 39 . further 
comprising: 
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cominiter readable program code which, determines if die received network 
communications ar e end-to-cnd secure network communications which are to be distributed to 
ones of the target hosts; 

wherein the computer readable program code whic h process e s bodi inbound and 
mithnimfi fi ft rmr e n etwf> rV cnmrnunicationG Qt th e- distribution processor oompris o encapsulates 
communications between the distribution processor and selected ones of the plurality of target 
hosts which are associated with end-to-end secure network communic a tions comprises computer 
readable program code which processes the received network communications so as to provide 
encapsulated generic communications to the ones of the plurality of target hosts if the received 
network communications are end-to-end secure network communications which arc distributed 
to ones of the target hosts and to not provide encapsulated aeneric communications to the onesjof 
the plurality of target hosts if the received network communications are not end-to-end secure 
network communications , 

42. (Currently Amended) A computer program product according to Claim 41 , wherein the 
computer readable program code which processes both inbound and outboun d end-to-end secure 
network communications further comprises: 

computer readable program code which receives at the distribution processor 
commimications from the ones of the target hosts which are associated wit h end-to-end secure 
network communications; and 

computer readable program code wliich processes the received communications from the 
ones of the target hosts so as to provid e endpoint network security for the conomunications from 
the one& of the target hosts. 

43. (Currently Amended) A computer program product according to Claim 4 2 Claim 39 , 
wherei n the communi cations r e c e iv e d from tho target hooto and th e g e neric communication s to 
onoG of tho plurality of targ e t hosts arc onoapoulate d computer readable program code which 
encapsulates communications between the distribution processor and selected ones of the 
plurality of tarpet hosts which are a«»sociated with end-to-end secure network communications 
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com prises computer readable program code which cncaosulat cs the communications in a generic 
routing foimat. 

44. (Currently Amended) A ^^Tr>pii»/>r pmgrnm proHiiri ac^rding t o Claim A2 Claim 43. 
wherein generic communications are encapsulated in a generic routing format having sufficient 
infbmiation in a header of the generic routing format so as to authenticate the source of the 
communication between the distributing processor and ones of the plurality of target hosts. 

45. (Currently Amended) A computer program product according to Claim 4 2 Claim 39 , 
wherein the communications received from the target hosts at the distribution processor and Hie 
encapsulated goncric communications to ones of the plurality of target hosts from the distribution 
processor are commimicated over trusted communication links. 

46. (Currently Amended) A computa: program product according to Claim 12 Claim 43 . further 
cnmprising the r , t e p of e stablis htft ^ computer readable program code which provides common IP 
filters for conununications encapsulated in the generic routing format at the distributing 
processor and the plurality of target hosts. 

47. (Original) A computer program product according to Claim 46, wherein the common IP 
filters bypass IP filtering for inbound communications encapsulated in the generic routing 
format. 

48. -57. (Canceled). 

58. (Previously Presented) The method according to Claim 1, wherein distributing the received 
network communications that are directed to the common IP address among selected ones of the 
target hosts comprises: 
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selecting among the target hosts for distribution of the network commuiiications in 
response to a predefined selection pattern to distribute workload associated with the network 
communications among the target hosts. 

59. (Previously Presented) The method according to Claim 58, wherein selecting among the 
target hosts for distribution of the network communications in response to a predefined selection 
pattcm to distribute workload associated with the network communications among the target 
hosts comprises: 

selecting among the target hosts associated with the common network address based on a 
round-robin pattern. 

60. (Previously Presented) The method according to Claim 1 , wherein distributing the received 
network communications that are directed to the common network address among selected ones 
of the target hosts comprises; 

selecting among the target hosts for distribution of the networic communications in 
response to a dynamic criteria that changes over time to distribute workload associated with the 
network communications among the target hosts. 

61. (Previously Presented) The method aca^rding lo Claim 39, wherein the computer readable 
program code which distributes the received network communications that arc directed to the 
common network address among selected ones of the target hosts comprises: 

computer readable program code that selects among the target hosts for distribution of the 
network communications in response to a predefined selection pattern to distribute workload 
associated with the network communications among the target hosts. 

62. (Previously Pr^ented) The method according to Claim 61 , wherein the computer readable 
program code that selects among the target hosts for distribution of the network communications 
in response to a predefined selection pattern to distribute woiklosid associated with the network 
communications among the target hosts comprises: 
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computer readable program code that selects among the target hosts associated with the 
common network address babed on a round-robin pattern- 

63. (Previously Presented) The method according to Claim 39, wherein the computer readable 
program code which distributes the received network communications that are directed to the 
common network address among selected ones of the target hosts comprises; 

computer readable program code that selects among the target hosts fer distribution of the 
network communications in response to a dynamic criteria that changes over time to distribute 
workload associated with the network communications among the target hosts. 



64. (New) The method according to claim 1, further comprising: 

receiving at a target host, an encapsulated communication; 

comparing a physical hnk corresponding to said distributor to a source of encapsulation; 

and 

ignoring the encapsulated communication if said physical Hnk does not match to said 
source of encapsulation. 

65. (New) The method according to claim 1, wherein distributing the received network 
communications that arc directed to the common network address among selected ones of the 
target hosts distribution processor comprises distributing the received network communications 
using a sysplcA distributor. 

66. (New) The method according to claim 1, wherein the end-to-end secure network 
communication comprises a conmiunication using the IPSEC commimication protocol. 

67. (New) The system according to claim 20, further comprising: 

means for receiving at a target host, an encapsulated communication; 
means for comparing a physical link corresponding to said distributor to a source of 
encapsulation; and 
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means for ignoring the encapsulated communication if said physical link does not match 
to said source of encapsulation. 

68. (New) The system according to claim 20, wherein the means for distributing the received 
network communications comprises a sysplex distributor. 

69. (New) The system according to claim 20, wherein the end-to-end secure network 
communication comprises a communication using the IPSEC communication protocol. 

70. (New) The computer program product according to claim 39, further comprising: 

computer readable program code which receives at a target host, an encapsulated 
communication; 

computer readable program code which compares a physical link corresponding to said 
distributor to a source of encapsulation; and 

computer readable program code which ignores the encapsulated communication if said 
physical link does not match to said source of encapsulation. 

71 . (New) The computer program product according to claim 39, wherein the computer 
readable program code which distributes the received network commimications comprises a 
sysplex distributor. 

72. (New) The computer program product according to claim 39, wherein the end-to-end secure 
network communication comprises a communication using the IPSEC communication protocol. 
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